Air Travel Privacy

The right to travel is a part of the "liberty" of which the citizen cannot be deprived without due process of law under the Fifth Amendment ... Freedom of movement across frontiers in either direction, and inside frontiers as well, was a part of our heritage. Travel abroad, like travel within the country, may be necessary for a livelihood. It may be as close to the heart of the individual as the choice of what he eats, or wears, or reads. Freedom of movement is basic in our scheme of values. "Our nation," wrote Chafee, "has thrived on the principle that, outside areas of plainly harmful conduct, every American is left to shape his own life as he thinks best, do what he pleases, go where he pleases."

-- Justice William O. Douglas, Kent v. Dulles (1958)

Post-September 11, several measures have been considered to improve aviation security. Some of these proposals, such as improved training for airport screeners, checking all bags for bombs, strengthening cockpit doors, and placing air marshals on flights, do not implicate privacy interests and are sound security measures. Others, however, present privacy and security risks to air travelers. These proposals concern efforts to identify passengers and schemes to distinguish the "good guys" from the "bad." EPIC will make available on this page aviation security and privacy related documents it obtains from the government under the freedom of information law to promote and inform the public debate over these new schemes.

In earlier responses to security threats the FAA issued a secret regulation that allowed airlines to demand photo identification and instituted a new profiling program called CAPPS (Computer Assisted Passenger Pre-screening System) based on travel data airlines routinely collected. See Previous Files. New proposals advocate using biometric credentials for "trusted travelers" and using extensive data mining of credit history, criminal records, and travel patterns to profile all airline passengers. NASA has even suggested developing "non-invasive neuro-electric sensors" or brain scans at the security gate to see if people are having suspicious thoughts.

The stated goal of these new proposals is to rely on technology to reduce the "hassle factor" in airports and to reduce security threats. The core idea is to focus security resources on suspicious travelers, while ensuring that most people are not inconvenienced by heightened security. Terrorists, however, have been known to go to great lengths to look like most people. Former Transportation Security Agency chief John Magaw refused to endorse a "trusted traveler" card, fearing that it would be the first thing a terrorist will try to obtain. New profiling and identification programs will convert airport security into all-purpose police stops where criminals, deadbeat dads, and others seeking to avoid law enforcement for non-aviation security related reasons face the risk of being arrested.

The basic structure of passenger profiling is to use an algorithm to determine indicators of characteristics or behavior patterns that are related to the occurrence of certain behavior. The CAPPS-II initiative will expand the range of databases searched for suspicious activity so that each airline passenger will be subjected to an extensive profiling. John Pointdexter's office in the Defense Department is considering developing a similar Total Information Awareness system. Each structural element of the CAPPS-II profiling system, however, raises a host of complex questions:

Algorithm: What logic will be used? What is the basis for developing the algorithm? What are acceptable false positive and false negative rates?

Indicators: What indicators are relevant? Are these indicators available? Who will collect and store the relevant indicators?

Related: How are the indicators related to particular kinds of behavior? Is that relationship reliable?

Behavior: Who determines what behavior should be targeted? What types of specific behavior will the system try to catch?

In addition there are several technical issues such as how reliable is the data used to make profiling decisions? What kind of data should be collected and how long should the data be retained? Who will have access to the data and for what purposes?

The policy issues also need to be addressed: what will be the rights of individuals to control their personally identifiable information? What recourse will be available for someone wrongly identified or denied a service? Will profiling based on deep data-mining stand up to charges of equal protection and due process violations? The new proposals directly implicate long standing constitutional protections under the fourth and first amendments, including the right to travel, and must be clearly understood and properly considered by the public.

Latest News

EPIC FOIA: EPIC Obtains Secure Flight Documents: In response to EPIC's Freedom of Information Act request, the Transportation Security Administration has released records about Secure Flight, a program that compares airline passenger records with various watch lists. The documents provided to EPIC contain an interagency agreement between the TSA and Customs and Border Protection, as well as related documents about Secure Flight. During the processing of EPIC's request, the TSA destroyed over a hundred pages of responsive records "due to the records disposition schedule." EPIC has testified before Congress and published a "Spotlight on Surveillance" report about the Watchlist Program. For more information, see EPIC: Passenger Profiling, and EPIC: Air Travel Privacy. (Oct. 12, 2018)

The Transportation Security Administration and Customs and Border Protection, components of the Department of Homeland Security, have announced plans for agency record disclosures without Privacy Act notifications. The agencies Common Operating Picture ("COP") program would permit TSA and CBP to exchange personal information held by the agencies to place travelers on federal watch lists. Although TSA and CBP have proposed new uses for personal data, the agencies have declined to solicit public comments as required by the Privacy Act. Currently, the agencies use the Automated Targeting System to perform "risk assessments." EPIC has called for DHS to suspend "risk-based" passenger profiling and to make public the algorithms that are used to assess travelers. For more information, see EPIC: Secure Flight, EPIC: Passenger Profiling, and EPIC: Air Travel Privacy.

The Government Accountability Office issued a report to Congress finding that the Transportation Security Administration's behavioral analysis program, known as "Screening of Passengers by Observation Techniques" (SPOT), is ineffective. The GAO determined that there is no scientifically valid evidence for behavior indicators, and that TSA screeners cannot reliably interpret passenger behavior. The GAO report also notes that the there have been significant concerns over racial and ethnic profiling. There are around 3,000 TSA officers currently assigned to the SPOT program, which has cost approximately $900 million since 2007. The GAO recommended the Congress reduce further funding of the program. In testimony before the 9/11 Commission in 2003, EPIC warned that "It is easy to construct a device that can determine whether a person is carrying a gun before he boards an airplane. It is much more difficult to construct a device that can probe his thoughts and determine his intent to commit a crime." Since that time, EPIC has objected to the DHS's practice of assigning threat profiles based on race, ethnicity, and gender. EPIC has also called upon the TSA to undertake a comprehensive audit of the civil rights impact of airport screening policies on racial and religious minorities. For more information, see EPIC: Passenger Profiling.

EPIC has submitted comments to the Department of Homeland Security, objecting to the agency's plan to secretly profile U.S. air travelers and remove Privacy Act safeguards. The DHS proposed to exempt TSA PreCheck from the federal privacy law. The PreCheck database contains detailed personal information, including name, birthdate, biometric information, Social Security Number, and financial information. The TSA plans to release applicant data to federal, state, tribal, local, territorial agencies and foreign governments. However, the TSA proposes to remove the rights of PreCheck applications concerning notification, access, and correction. The agency also intends to keep secret the basis for approving PreCheck applicants. EPIC described the substantial privacy and security risks of Precheck, urged the DHS to narrow the Privacy Act exemptions, and recommended that the DHS withdraw routine use disclosures. For more information, see EPIC: Secure Flight, EPIC: Passenger Profiling, and EPIC: Air Travel Privacy.

EPIC has obtained more than one hundred fifty pages of documents detailing the Department of Homeland Security’s development of mobile body scanners and other crowd surveillance technology. The documents were obtained as a result of a Freedom Information Act lawsuit brought by EPIC against the federal agency. According to the documents obtained by EPIC, vehicles equipped with mobile body scanners are designed to scan crowds and pedestrians on the street and can see through bags, clothing, and even other vehicles. The documents also reveal that the mobile backscatter machines cannot be American National Standards Institute “certified people scanners” because of the high level of radiation output and because subjects would not know they have been scanned. For more information see EPIC: Whole Body Imaging Technology and EPIC: EPIC v. DHS (Suspension of the Body Scanner Program).

Citing significant errors in an earlier decision, EPIC has petitioned a federal appeals court to rehear the organization's challenge to the TSA's controversial body scanner program. "The court overstated the effectiveness of the body scanner devices and understated the degree of the privacy intrusion to the travelling public," stated EPIC President Marc Rotenberg. EPIC's petition challenged the Court's finding that the devices detect “liquid and powders," which was never established and was not claimed by the government. EPIC also argued that the court wrongly concluded that the TSA is not subject to a federal privacy law that prohibits video voyeurism. The panel found that TSA body scanner employees are “engaged in law enforcement activity," contrary to the TSA's own regulations. EPIC is pursuing related litigation on the government's deployment of mobile body scanners. For more information, see EPIC: EPIC v. DHS.

New documents released by the Department of Homeland Security to EPIC indicate the the agency continues to hide details about body scanners. In November 2010, EPIC filed a Freedom of Information Act request with the agency regarding the deployment of body scanners in surface transit and street-roving vans. In its latest document release the agency supplied several papers that were completely redacted. As a result of the agency's failure to comply with the Freedom of Information Act, EPIC has filed suit to force disclosure of the records. For more information, see: EPIC: Body Scanner Technology and EPIC: FOIA Note #20.

EPIC and a coalition of privacy, consumer rights, and civil rights organizations filed a statement to the Department of Homeland Security. The group opposed proposed changes to the Watchlist Service, a secretive government database filled with sensitive information. The agency has solicited comments on the program, which entails developing a real-time duplicate copy of the database and expanding the groups and personnel with immediate access to the records. The groups focused on the security and privacy risks posed by the new system, as well as The Privacy Act. Passed by Congress in 1974, the Act requires DHS to notify subjects of government surveillance in addition to providing a meaningful opportunity to correct information that could negatively affect them. EPIC has testified before Congress and published a "Spotlight on Surveillance" report about the Watchlist program. For more information, see EPIC: Secure Flight and EPIC: Passenger Profiling.

The Transportation Security Administration has begun training screeners at Logan International Airport in Boston to engage in behavioral profiling of air travelers. The program authorizes Transportation Security Officers to ask airline passengers personal questions concerning their travel plans and employment. Some travelers will be subjected to additional, invasive searches based on their responses. For more, see EPIC: Air Travel Privacy.

The TSA has announced that it will begin installing software on millimeter wave body scanners that will display a generic stick figure on a computer monitor and not the naked bodies of individual air travelers. The TSA said this will address privacy concerns. However, there is no plan to install similar software on the more widely used backscatter x-ray devices. It is also still unclear whether t the body scanners are capable of capturing, storing, or transferring the underlying graphic naked image. Seeking to answer this question, EPIC filed a lawsuit, following the TSA's failure to provide an adequate response to EPIC's FOIA request. For more information see: EPIC: Body Scanner Technology.

As a result of a lawsuit brought by EPIC, the D.C. Circuit Court of Appeals has ruled that the TSA violated federal law when it installed body scanners in airports for primary screening across the country without first soliciting public comment. The Administrative Procedure Act requires federal agencies to provide notice and opportunity for comment when implementing a rule that affects the rights of the public. Writing for a unanimous court, Judge Ginsburg found there was "no justification for having failed to conduct a notice-and-comment rulemaking," and said, "few if any regulatory procedures impose directly and significantly upon so many members of the public." EPIC's brief alleged that airport body scanners are "invasive, unlawful, and ineffective," and that the TSA's deployment of the devices for primary screening violated the U.S. Constitution and several federal statutes. For more information, see EPIC: EPIC v. DHS and EPIC: Whole Body Imaging Technology. Press Release.

The European Parliament has adopted a resolution that sets out strict safeguards for airport body scanners. The resolution requires that Member States only "deploy technology which is the least harmful for human health" and establish substantial privacy protection. The resolution prohibits the use of body scanners that use ionizing radiation. New guidelines also state that airport body scanners "must not have the capabilities to store or save data." EPIC currently is pursuing a lawsuit to suspend the use of body scanners in the United States, citing several federal laws and the US Constitution. EPIC has called the US airport body scanner program "invasive, ineffective, and unlawful." For more information, see EPIC: EPIC v. DHS (Suspension of Body Scanner Program) and EPIC: Whole Body Imaging Technology.

In a FOIA lawsuit against the Department of Homeland Security, EPIC has just obtained documents concerning the radiation risks of TSA's airport body scanner program. The documents include agency emails, radiation studies, memoranda of agreement concerning radiation testing programs, and results of some radiation tests. One document set reveals that even after TSA employees identified cancer clusters possibly linked to radiation exposure, the agency failed to issue employees dosimeters - safety devices that could assess the level of radiation exposure. Another document indicates that the DHS mischaracterized the findings of the National Institute of Standards and Technology, stating that NIST "affirmed the safety" of full body scanners. The documents obtained by EPIC reveal that NIST disputed that characterization and stated that the Institute did not, in fact, test the devices. Also, a Johns Hopkins University study revealed that radiation zones around body scanners could exceed the "General Public Dose Limit." For more information, see EPIC: EPIC v. Department of Homeland Security - Full Body Scanner Radiation Risks and EPIC: EPIC v. DHS (Suspension of Body Scanner Program).

The House has approved the 2012 budget for the Transportation Security Administration, cutting $270 million from the amount originally requested by the Agency. The cuts include $76 million that had been designated for the purchase of 275 airport body scanners. Leading lawmakers and activists have called attention to the health risks associated with the scanners, as well as their invasiveness. Representative Jason Chaffetz (R-UT) criticized the machines as “slow” and “ineffective.” Later this month, the Campaign for Liberty will host a Ban the Scan rally in New York that will feature anti-TSA activist and former Miss USA, Susie Castillo. The Campaign is working to eliminate body scanners in New York city. Rep. Chaffetz and Ms. Castillo will be among those honored at EPIC’s Annual Champion of Freedom Awards. For More Information, see EPIC: Whole Body Imaging Technology and EPIC: EPIC v. DHS: Suspension of Body Scanner Program.

A draft agreement between the United States and the European Union will allow the U.S. Department of Homeland Security to store passenger data for up to 15 years. The passenger data includes names, addresses, phone numbers, and credit card information, and even ethnic origin, political opinions, and details of health or sex life. The 15 year time period in the proposed agreement is three times that allowed under Europe's existing Passenger Name Record regime. Members of the European Parliament have said that the draft agreement violates fundamental rights and violates data protection laws. An earlier EU-US agreement on Passenger Name Records was struck down by the European Court of Justice. For more information, see EPIC: EU-US Airline Passenger Data Disclosure.

EPIC asked a federal court in Washington, DC to reconsider its earlier decision allowing the Department of Homeland Security to keep secret 2,000 airport body scanner images in EPIC's Freedom of Information Act lawsuit. The Court relied on a legal theory in its decision, "Exemption High b(2)," that was recently struck down by the Supreme Court in Navy v. Milner. In Milner, the Court held that FOIA exemption 2 only applies to records concerning employee relations and human resources issues. Milner overturns previous lower court decisions that applied the exemption to broader categories of records, allowing federal agencies to block disclosure of documents to the public. EPIC argues in its motion that the Department of Homeland Security is unlawfully withholding information about the airport scanners from the public. For more information, see EPIC-Milner v. Dept. of Navy and EPIC v. DHS - Body Scanners.

In a hearing before the House Oversight Subcommittee on National Security, EPIC urged Congress to suspend the use of airport body scanners for primary screening. EPIC said the devices were not effective and were not minimally intrusive, as courts have required for airport searches. EPIC cited TSA documents obtained in EPIC's FOIA lawsuit which showed that the machines are designed to store and transfer images, and not designed to detect powdered explosives. EPIC was joined on the panel by radiation expert Dr. David Brenner, who has frequently pointed out the radiation risks created by these machines. The TSA, which is a federal agency funded by taxpayer dollars and responsible for the body scanner program, originally refused to testify at hearing. Eventually they showed up. Chairman Jason Chaffetz, who had previously sponsored a bill regarding body scanners, grilled the TSA officials and said the hearing would continue with more questions. For more information see EPIC: Whole Body Imaging Technology and EPIC: EPIC v. DHS.

The Department of Homeland Security told a federal court that the agency believes it has the legal authority to strip search every air traveler. The agency made the claim at oral argument in EPIC's lawsuit to suspend the airport body scanner program. The agency also stated that it believed a mandatory strip search rule could be instituted without any public comment or rulemaking. EPIC President Marc Rotenberg urged the Washington, DC appeals court to suspend the body scanner program, noting that the devices are "uniquely intrusive" and ineffective. EPIC's opening brief in the case states that the Department of Homeland Security "has initiated the most sweeping, the most invasive, and the most unaccountable suspicionless search of American travelers in history," and that such a change in policy demands that the TSA conduct a notice-and-comment rule making process. The case is EPIC v. DHS, No. 10-1157. For more information, see EPIC: EPIC v. DHS and EPIC: Whole Body Imaging Technology.

On March 10, 2011, EPIC President Marc Rotenberg will present arguments against the TSA body scanner program before the US Court of Appeals for the District of Columbia Circuit. EPIC has said that body scanners are "invasive, unlawful, and ineffective," and that the TSA's deployment of the devices for primary screening violates the U.S. Constitution and several federal statutes. EPIC's opening brief states that the Department of Homeland Security "has initiated the most sweeping, the most invasive, and the most unaccountable suspicionless search of American travelers in history." EPIC has also cited the agency's failure to respond to the First EPIC Petition and the Second EPIC Petition, widely supported by a broad coalition of organizations, which challenged the deployment of the devices and called for a public rule making. The case is EPIC v. DHS, No. 10-1157. For more information, see EPIC: EPIC v. DHS and EPIC: Whole Body Imaging Technology.

The Inspector General of the Department of Homeland Security released a report finding that the agency's contract files did not "contain[] sufficient evidence of justification and approval, market research, and acquisition planning" for the $1.3 billion dollars in noncompetitive contracts the agency entered into in fiscal year 2010. The noncompetitive process raises doubts that the agency secured the "best possible value" for the goods and services and that the contracts were awarded to "eligible and qualified vendors." The IG recommended that the agency’s Chief Procurement Officer pursue corrective action plans. EPIC previously criticized the agency’s contracting practices regarding whole body scanners. For related information see EPIC: EPIC v. DHS: Body Scanners (Suspend the Program) and EPIC: EPIC v. DHS (FOIA).

Documents obtained by EPIC under the Freedom of Information Act reveal that the Department of Homeland Security has spent millions of dollars on mobile body scanner technology that could be used at railways, stadiums, and elsewhere. EPIC has already challenged the use of the devices in airports, calling them "invasive, ineffective, and unconstitutional." According to the documents obtained by EPIC, the federal agency plans to expand the use of these systems to monitor crowds, peering under clothes and inside bags away from airports. For more information, see EPIC: EPIC v. DHS (Suspension of Body Scanner Program) and EPIC: Whole Body Imaging Technology.

EPIC has opposed an effort by the Transportation Security Administration to provide secret evidence to the court in EPIC's challenge to the the airport body scanner program. The TSA claimed that it can withhold documents that it has designated "Sensitive Security Information" and scientific studies because they are "copyrighted materials." EPIC responded that the TSA failed to establish that the documents are Sensitive Security Information, and also that the TSA cannot withhold materials in a judicial proceeding because they are subject copyright. The argument before the DC Circuit in the case is scheduled for March 10. For more information, see EPIC: EPIC v. DHS: Body Scanners (Suspend the Program) and EPIC: EPIC v. DHS (FOIA).

Senator Udall (D-NM) has introduced a Senate Amendment 51 that would require the Transportation Security Administration to install "Automatic Target Recognition" software in all body scanners by January 1, 2012. The technology creates a "generic image" of airline passengers instead of the "peep show" images now produced by TSA devices and viewed by TSA officials. The TSA recently announced that it will begin testing new software at select U.S. airports. However, the TSA has not resolved concerns about image retention, health risks, or the effectiveness of the procedures. EPIC has filed a Freedom of Information Act lawsuit against the TSA for unlawfully withholding information about the body scanner technology. EPIC has a case in Federal Appellate court to suspend the use of the devices for primary screening in airports. For more information see EPIC - Whole Body Imaging Technology, EPIC - EPIC v. DHS (Suspend the program), EPIC - EPIC v. DHS (FOIA).

EPIC has filed a Freedom of Information Act lawsuit against the TSA for unlawfully withholding documents about software modifications to the Full-Body Scanners. EPIC submitted requests for these documents in June 2010 and October 2010. In response to mounting public criticism about the passenger screening program, the TSA recently announced that it would use "Automatic Target Recognition" software to mask the nude images of airline travelers that TSA officials currently view. However, documents obtained by EPIC in an earlier Freedom of Information Act lawsuit established that these procedures have the capability to store and record unfiltered images of passengers. EPIC has since filed a lawsuit to suspend the controversial screening program. The new case is EPIC v. Dep't of Homeland Security, No. 1:11-cv-00290. For more information see EPIC: Whole Body Imaging Technology and EPIC v. DHS (Suspension of Body Scanner Program).

In response to widespread public opposition to airport body scanners, the TSA has announced that it will begin testing new body scanner software at select U.S. airports that it claims is less revealing. But the new scanners will also allow TSA officials to observe the passengers as they are being scanned. Previously, TSA operators were stationed in a remote viewing room. The TSA has also not resolved concerns about image retention, health risks, or the effectiveness of the procedures. In June 2010, EPIC submitted a FOIA request for information about the technology. The agency has yet to respond. For more information see EPIC: Whole Body Imaging Technology and EPIC v. DHS (Suspension of Body Scanner Program).

A New Mexico jury exonerated civil rights activist Phil Mocek for refusing to show his identification to the TSA before boarding a plane and for filming TSA agents. Mocek has published footage of the incident, stemming from his attempt to board a flight in Albuquerque in 2009. Agents instructed Mocek to put down his camera. When he refused, insisting that TSA rules and regulations do not prohibit filming in publicly-accessible areas of the airport, agents raised their voices and accused him of "causing a disturbance." Police officers arrived on scene and informed Mocek that he was under criminal investigation for "disturbing the peace," demanding that he produce identification. Mocek carried no identification and was brought up on four separate charges relating to the incident. The jury in the case took an hour to deliberate and returned with a verdict of NOT GUILTY on all charges. EPIC is currently suing to strike down the TSA's body scanner checkpoint program and recently submitted a "Friend of the Court" brief urging the Supreme Court to limit police access to identity documents. For more information, see EPIC: EPIC v. DHS and EPIC: Tolentino v. New York.

A federal district court has granted the Department of Homeland Security's motion to conclude one of EPIC's Freedom of Information Act lawsuits. EPIC was seeking more than 2,000 images generated by airport body scanners held by the TSA. The DHS objected to the disclosure and the court sided with the government. The court relied on a legal theory, "Exemption High (b)(2)" that is currently under review by the Supreme Court in Milner v. Dept. of Navy. As a result of this lawsuit, EPIC obtained many documents concerning the airport screening program, including Procurement Specifications, Operational Requirements, traveler complaints, and vendor contracts with L3 and Rapiscan, that were subsequently made available to the public. EPIC may appeal the district court's decision as to the release of the body scanner images. For more information see EPIC:EPIC v. DHS and EPIC: Body Scanners. (Press Release)

Evidence mounts that TSA’s whole-body scanners are not designed to detect powdered explosives or other low-density materials that pose a threat to airline safety. Leon Kaufman and Joseph W. Carlson’s new study finds that “Even if exposure were to be increased significantly, normal anatomy would make a dangerous amount of plastic explosives with tapered edges difficult, if not impossible to detect.” Kaufman and Carlson’s study examined the imaging and device specifications of the backscatter machines to estimate the penetration and exposure to the body from the x-ray beam and the machines’ sensitivity to contraband. The authors’ study also echoes concerns about the health risks associated with the backscatter devices. EPIC has filed a lawsuit against the Department of Homeland Security to suspend the body scanner program because it is "unlawful, invasive, and ineffective." For more information, see EPIC: EPIC v. DHS and EPIC: Whole Body Imaging Technology.

The United States Court of Appeals for the District of Columbia Circuit has finalized a briefing schedule in EPIC's case, No. 10-1157, against the Department of Homeland Security. The court has set a December 23, 2010 deadline for the agency's brief and a January 6, 2011 deadline for EPIC's reply. Final briefs will be due on January 27, 2011. EPIC has filed suit against the Department of Homeland Security to suspend the body scanner program because it is "unlawful, invasive, and ineffective." In its opening brief, EPIC argued that the federal agency has violated the Administrative Procedures Act, the Privacy Act, the Religious Freedom Restoration Act, the Video Voyeurism Prevention Act, and the Fourth Amendment. For more information, see EPIC: EPIC v. DHS and EPIC: Whole Body Imaging Technology.

A new poll by Zogby International finds that 61% of Americans polled between Nov. 19 and Nov. 22 oppose the use of full body scans and TSA pat downs. Of those polled, 52% believe the enhanced security measures will not prevent terrorist activity, almost half (48%) say it is a violation of privacy rights, 33% say they should not have to go through enhanced security methods to get on an airplane, and 32% believe the full body scans and TSA pat downs to be sexual harassment. The Zogby Poll is the most recent survey of American opinion on the new airport screening procedures. Combined with earlier polls by USA Today and the Washington Post-ABC News, the Zogby Poll reflects declining support for the TSA program.

EPIC is making available to the public today the report EPIC prepared in January 2010, following the release of documents from the DHS in an open government lawsuit. The analysis, based on the internal records obtained from the agency, reveals that the "device specifications, set out by the TSA, include the ability to store, record, and transfer images, contrary to the representations made by the TSA...include hard disk storage, USB integration, and Ethernet connectivity that raise significant privacy and security concerns...include "super user" ("Level Z") status that allows the TSA itself to disable filters and to export raw images..." The EPIC memo states "Based on the materials received to date, EPIC concludes that further deployment and contracting for body scanners should be suspended until the privacy and security problems identified are adequately resolved." The documents were obtained in EPIC v. DHS (FOIA) EPIC has since filed papers in federal court to suspend the program. See EPIC v. DHS (body scanners).

Rep. Bennie G. Thompson (D-MS) and Rep. Sheila Jackson-Lee (D-TX), two leading members of Congress, have sent a letter to TSA Administrator John S. Pistole, objecting to the new airport screening procedures. Reps. Thompson and Lee wrote, "we are concerned about new enhanced pat down screening protocols and urge you to reconsider utilization of these protocols." Reps. Thompson and Lee further said that "the TSA should have had a conversation with the American public" and should have ensured that "these changes do not run afoul of privacy and civil liberties." EPIC has filed a lawsuit against the TSA for failing to provide an opportunity for public comment, which is required by law, and implementing a screening procedure that violates privacy. EPIC President Marc Rotenberg has called the new screening procedures "invasive, unlawful, and ineffective." For more information, see EPIC: Whole Body Imaging and EPIC: EPIC v. DHS.

EPIC has filed a Freedom of Information Act lawsuit against the Department of Homeland Security, seeking records concerning radiation emissions and exposure associated with airport full body scanners. The Department recently implemented the scanners as a primary screening mechanism for all airline travelers. In August, many senators questioned the safety of the scanners. In September, Ralph Nader also sent a letter to the Senate expressing concern about radiation exposure. Earlier this year, EPIC requested DHS to release all information about radiation emissions. DHS failed to respond to EPIC's FOIA request and when DHS also failed to reply to EPIC's administrative appeal, EPIC filed a lawsuit in federal court. Earlier EPIC FOIA lawsuits uncovered evidence that body scanners can store and record images and that the Marshals Service had captured more than 35,000 images. For more information see, EPIC v. DHS (Body scanner images) and EPIC v. DOJ (Body scanner images).

Representative Ron Paul introduced a bill that would hold TSA agents legally accountable for airline screening procedures. Rep. Paul cited abusive screening procedures as the reason for the legislation, titled the American Traveler Dignity Act. In a floor speech, Representative Paul also endorsed National Opt-Out Day, a grassroots movement of passengers who plan to refuse the devices on November 24th. EPIC is suing in federal court to suspend the body scanner program. For more information, see EPIC: Whole Body Imaging and EPIC: EPIC v. DHS.

In a motion filed in the DC Circuit Court of Appeals, the Department of Homeland Security has attempted to exclude religious objector Nadhira Al-Khalili from EPIC's body scanner lawsuit. Ms. Al-Khalili is Legal Counsel for the Council on American Islamic Relations, one of the organizations that supported EPIC's petition, which is the basis for the challenge to the body scanner program. Ms. Al-Khalili's claims are based on the Religious Freedom Restoration Act and Islamic modesty requirements. EPIC has opposed the government's motion and stated that the agency is "simply afraid to have the Religious Freedom Restoration Act claims heard by this Court." EPIC further argued that "Respondents hope by seeking to exclude Ms. Al- Khalili . . . they will avoid judicial scrutiny of an agency practice that substantially burdens the free exercise of religion in violation of federal law." For more information, see EPIC: EPIC v. DHS (Emergency Stay, Body Scanners) and EPIC: Whole Body Imaging Technology.

Libertarian Party Chair Mark Hinkle said today, "The TSA should end the strip-search machine program immediately. We've reached a point where our government has no qualms about humiliating us." Mr. Hinkle expressed support for the EPIC lawsuit aimed at suspending the body scanner program. Mr. Hinkle further said, "We encourage Americans to call their newly-elected members of Congress and tell them that they don't want this expensive, worthless, intrusive, unconstitutional program." The Libertarian Party is America's third-largest political party. For more information, see EPIC v. DHS.

EPIC has filed the opening brief in EPIC v. DHS, No, 10-1157, a case that challenges the unilateral decision of the TSA to make body scanners the primary screening technique in U.S. airports. Three frequent air travelers are joining EPIC in the lawsuit: security expert Bruce Schneier, human rights activist Chip Pitts, and the Council on American-Islamic Relations legal counsel Nadhira Al-Khalili. The Petitioners have brought claims under the Administrative Procedure Act, the Privacy Act, the Video Voyeurism Prevention Act, the Religious Freedom Restoration Act, and the Fourth Amendment. The Petitioners are seeking the suspension of the body scanner program. In its brief, EPIC argues that the Department of Homeland Security "has initiated the most sweeping, the most invasive, and the most unaccountable suspicionless search of American travelers in history." EPIC further argues that the Transportation Security Administration "must comply with relevant law, and it must not be permitted to engage in such a fundamental change in agency practice without providing the public the opportunity to express its views." For more information, see EPIC: EPIC v. DHS and EPIC: Whole Body Imaging Technology. UPDATE: Read EPIC's press release here.

EPIC has filed an appeal with the Transportation Security Administration, challenging the agency's denial of expedited processing and fee waivers for an EPIC Freedom of Information Act request. EPIC's is seeking documents from the TSA concerning full body scanner radiation risks and testing. EPIC challenged the TSA's denial of expedited processing, arguing that by delaying to release of the records, the agency was risking the health of travelers and its own employees. EPIC also argued that the record request was particularly timely, as three US Senators recently wrote to the Department of Homeland Security about the safety of the airport body scanners and the risk to air travelers. Separately, EPIC has urged a federal court to suspend the program, pending an independent review of the health risks and privacy impact. For more information, see EPIC: Body Scanners and EPIC v. DHS (suspension of program).

The Chairman and Ranking Member of the Homeland Security Committee, along with four other Senators, have sent a letter to the head of the US Marshal Service to ask why the federal agency stored more than 35,000 images from whole body imaging scans taken at the Orlando federal courthouse. The letter follows a Freedom of Information Act lawsuit, filed by EPIC, in which the Marshal Service was forced to disclose the fact that it had stored body scanner images. EPIC has also filed an emergency motion in federal court to suspend the program, pending a thorough review of the airport body scanner program. For more information, see EPIC: Whole Body Imaging Technology and EPIC v. DHS (Suspension of Body Scanner Program).

Three U.S. Senators have objected to the Department of Homeland Security's expansion of the airport body scanner program. In a letter to DHS Secretary Janet Napolitano, Senators Collins (R-ME), Burr (R-NC), and Coburn (R-OK) have asked "why the Department continues to purchase this technology when legitimate concerns about its safety appear to remain unanswered." The Senators noted that "the issue of radiation associated with the backscatter x-ray AIT machines has not been adequately addressed by TSA." They urged the agency's Chief Medical Officer, working with independent experts, to conduct a review of the health effects on travelers and airport personnel. EPIC recently submitted a FOIA request to the DHS for all records of tests conducted by the agency regarding radiation impacts. EPIC has also filed an emergency motion in federal court to suspend the program, pending an thorough review of the airport body scanner program. For more information, see EPIC: Whole Body Imaging Technology and EPIC v. DHS (Suspension of Body Scanner Program).

Today, EPIC filed a reply in its case against the Department of Homeland Security, EPIC v. DHS,10-1157. EPIC had previously filed a petition and motion for emergency stay, asking the court to suspend the use of the machines. EPIC argued that the use of body scanners for primary screening in U.S. airports violates several federal laws and the Fourth Amendment. In its reply to the government's motion, EPIC also cited the growing public opposition to the program, the decision of major airports not to use body scanners, as well as the agency's failure to adequately address Constitutional concerns. For more information, see EPIC: Body Scanners and EPIC v. DHS.

Today EPIC filed a Freedom of Information Act request with the Department of Homeland Security for studies conducted by the agency and third parties concerning radiation and health testing of body scanners. The EPIC request follows a recent report by Dr. David Brenner to the Congressional Biomedical Caucus that radiation exposure may be up to twenty times greater than the DHS acknowledged. In April 2010, several scientists urged Presidential Science Adviser Dr. John P. Holdren to conduct further evaluation of the health risks of body scanners. EPIC is pursuing FOIA litigation against the DHS regarding full body scanners, and has also filed a lawsuit to halt the use of the devices. For more information, see: EPIC: Body Scanners and EPIC v. DHS.

Senators Klobuchar (D-MN) and Bennett (R-UT) have introduced a bill that would mandate the deployment of full body scanners in US airports. The bill would make Full Body Scanners the primary screening technique. The bill would provide for an alternative screening method for passengers with "privacy concerns." The bill contains particularly weak privacy provision that ignore many of the problems with the devices already uncovered. In 2008, the House passed legislation to prevent the use of body scanners as primary screening devices. Documents later obtained by EPIC established that the TSA required that Full Body Scanner have the ability to store, record, and transfer detailed images of naked air travelers. EPIC has recently filed suit against the Department of Homeland Security to require that the program be suspended, pending an independent review. For more information, see: EPIC: Body Scanners and EPIC v. DHS.

Today EPIC filed a petition for review and motion for an emergency stay, urging the District of Columbia Court of Appeals to suspend the TSA's full body scanner program. EPIC said that the program is "unlawful, invasive, and ineffective." EPIC argued that the federal agency has violated the Administrative Procedures Act, the Privacy Act, the Religious Freedom Restoration Act, and the Fourth Amendment. EPIC cited the invasive nature of the devices, the TSA's disregard of public opinion, and the impact on religious freedom. EPIC, and more than two dozens organizations, previously petitioned the agency for a public rulemaking, which the TSA disregarded. EPIC has also testified in Congress about the problems with the body scanner program. Members of the Senate, Ralph Nader, and European officials have also expressed concern. The case is EPIC v. DHS, No. 10-1157. For more information, see EPIC: Body Scanners.

EPIC's Freedom of Information Act lawsuit against the State Department, EPIC v. State, has produced a report detailing security breaches of passport data for several Presidential candidates. Federal investigators prepared the report in the wake of March 2008 breaches that exposed Barack Obama, Hillary Clinton, and John McCain's personal information. Previously secret sections state "the Department was ineffective at detecting possible incidents of unauthorized access," and criticized the agency's failure to "provide adequate control or oversight." Portions of the report remain secret - the agency hasn't fully implemented investigators' recommendations. EPIC testified before the Senate in 2008 concerning the security breaches, urging lawmakers to limit employee and contractor access to personal data. For more, see EPIC Passport Privacy and EPIC Open Government.

A report prepared for the European Parliament and the European Council on the controversial proposal to deploy body scanners at European airports warns of "a serious risk of fragmenting fundamental rights of EU citizens, impeding their rights of free movement, and escalating their health concerns related to new security technologies." The report recommends common European standards to ensure the protection of fundamental rights and to address health concerns. The report also recommends security scanners that are less intrusive and pose fewer health risks than those currently deployed in US airports. Earlier this year, EPIC and Ralph Nader urged President Obama to suspend the airport body scanner program until "a comprehensive evaluation of the devices' effectiveness, health impacts, and privacy safeguards is completed by an independent board of review." For more information, see EPIC: Whole Body Imaging.

In a May 28, 2010 letter to a coalition of organizations, the Transportation Security Administration defended its use of full body scanner machines. The Agency claimed that the machines are safe, effective, and do not violate existing statutes or impermissibly infringe on Americans' Constitutional Rights. This letter is a response to an April 21, 2010 petition in which EPIC and 30 organizations urged the TSA to suspend the full body scanner program due to Constitutional, statutory, health, and effectiveness concerns. In 2009, the organizations petitioned the agency to undertake a formal request for public comments. The agency never acted on the request. For more information, see EPIC: Whole Body Imaging Technology and EPIC v. Department of Homeland Security.

EPIC and a broad coalition of organizations sent a formal petition to the Department of Homeland Security to demand that the agency suspend the airport body scanner program. The petition states that the "uniquely intrusive search" is unreasonable and violates the Constitution. The petition further states the program fails to comply with several federal laws, including the Religious Freedom Restoration Act , the Privacy Act of 1974, and the Administrative Procedures Act. The petitioners also argue that the machines are ineffective and that there are better, less costly security technology. The petitioners contend that the TSA has routinely misled the pubic about the ability of the devices to store and transmit detailed images of travelers' naked bodies. In a Freedom of Information Act lawsuit, EPIC has already obtained technical documents, vendor contracts, and hundreds of traveler complaints. EPIC is seeking additional documents. For more information, see EPIC: Whole Body Imaging Technology and EPIC: EPIC v. Department of Homeland Security.

As a result of a Freedom of Information Act lawsuit, EPIC has obtained hundreds of pages of documents from the Department of Homeland Security about the plan to deploy full body scanners in US airports. A letter to EPIC reveals that the government agency possesses about 2,000 body scanner photos from devices that the DHS said earlier "could not store or record images." EPIC has also obtained the most recent device procurement specifications, and several hundred new pages of traveler complaints. For more information, see EPIC: Whole Body Imaging and EPIC: EPIC v. Department of Homeland Security.

Three United States Senators have written a letter to Secretary Napolitano of the Department of Homeland Security, urging the Department to reconsider the whole body scanners currently planned for U.S. airports. Senators Collins (R-ME), Kyl (R-AZ), and Chambliss (R-GA) encouraged Secretary Napolitano to consider "auto-detection" devices instead of human screeners to address privacy concerns. The Senators noted that the current technology allows airport officials to "view detailed images of passengers’ bodies" and also that other systems could "save the government and airports money on physical space for screening." For more information, see EPIC: Whole Body Imaging Technology.

A meeting between top United States counter-terrorism officials and European counterparts ended in Madrid today with no agreement to restart a program that gave the US access to European financial data. The Terrorist Finance Tracking Program
operated in secret from 2001 to 2006. European legislators objected to the program as a violation of EU privacy law. There also appeared to be no EU support for the further deployment of body scanners in European airports. EPIC has raised several objections to the body scanner program, including a letter with Ralph Nader to the administration, Congressional Testimony, and open government litigation, which revealed that the devices store and record images. For more information, see EPIC International Privacy Standards, EPIC Lisbon Treaty, EPIC Body Scanners.

In response to a Congressional inquiry, led by Congressman Bennie Thompson, the Transportation Security Agency acknowledged that images on body scanner machines would be recorded for "testing, training, and evaluation purposes." The TSA also did not dispute that test mode could be activated in airports, but said this "would" not happen. As part of an ongoing lawsuit, EPIC had previously obtained TSA documents describing the machines' capabilities to store and transmit detailed images of travelers' naked bodies. For more information, see EPIC: Whole Body Imaging Technology.

Civil liberties, consumer rights, air travel, and religious organizations have asked President Obama to "suspend the further deployment of body scanners in US airports." The organizations said that the scanners are "contributing to a negative perception of the United States" and noted the "sincerely held religious opposition to the digital undressing of air travelers by TSA officials." For more information, see EPIC: Whole Body Imaging, Stop Digital Strip Searches, and Privacy Coalition.

In testimony before the House Committee on Homeland Security, EPIC President Marc Rotenberg urged Congress to halt the plan to deploy body scanners in the nation's airports. "Based on the documents we've obtained, the views of experts, the concerns of American, and the extraordinary cost, Congress should suspend the program," said Mr. Rotenberg. In a recent letter to President Obama, EPIC and Ralph Nader recommended an independent review to assess health impacts, privacy safeguards, and the actual effectiveness of the devices. Through FOIA litigation, EPIC has obtained technical specifications, vendor contracts, and hundreds of complaints from US air travelers about the body scanners (Part 1, Part 2, Part 3, Part 4, Part 5). A recent report from the GAO has also raised questions about the effectiveness and cost of the devices. For more information, see EPIC Whole Body Imaging and EPIC Air Travel Privacy.

In response to an EPIC Freedom of Information Act lawsuit, the Department of Homeland Security and the Transportation Security Administration (TSA) released more documents about body scanners in US airports. The documents include many complaints from travelers who went through the devices. Travelers reported that they were not told about the pat down alternative or that they were going to be subject to a body scan by TSA officials. Travelers also expressed concern about radiation risks to pregnant women and the image capture of young children without clothes. EPIC has previously obtained whole body imaging vendor contracts, operational requirements, and procurement specifications from TSA. EPIC and Ralph Nader have urged President Obama to suspend the program until an independent review is completed. For more information see EPIC: Whole Body Imaging Technology.

The Government Accountability Office (GAO) recently released a report regarding the deployment of body scanners. The GAO cited its 2009 recommendations to the Transportation Security Administration (TSA): that the TSA conduct operational tests to ensure that the whole body imaging machines are reliable, and the that TSA conduct an assessment of the whole body imaging machines' vulnerabilities. In its latest report, the GAO warned TSA of the importance of full operational tests, citing the puffer machine debacle as an example of the government waste that results from insufficient operational testing. The GAO also expressed concern over TSA's lack of complete risk assessments and inability to "provide documentation to show how they have addressed the concerns raised in the 2009 GAO report regarding the susceptibility of the technology to terrorist tactics." Because of this, the GAO concluded that it is unclear whether the body scanners or other technologies would have detected the weapon used in the December 25 attempted attack. For more information, see EPIC: Whole Body Imaging Technology and Body Scanners.

In a letter to the White House, consumer advocate Ralph Nader and EPIC President Marc Rotenberg have asked President Obama to suspend the deployment of body imaging devices until "a comprehensive evaluation of the devices' effectiveness, health impacts, and privacy safeguards is completed by an independent board of review." Mr. Nader and Mr. Rotenberg point to a recent workshop at which experts noted that the devices are ineffective, that health risks have not been assessed, and that the TSA has misrepresented the privacy safeguards. They also said that air travelers subject to secondary screening who are actually familiar with the capabilities of body scanners would prefer a pat-down search to a body scan for both privacy and religious reasons. European governments are currently undertaking a three-month review of the body scanner proposal. For more information see EPIC: Whole Body Imaging.

Today the Center for the Study of Responsive Law (CSRL) and EPIC hosted an event: “Airport Body Scanners Under the Microscope: Not Such a Pretty Picture.” The event featured keynote speeches by Ralph Nader and Marc Rotenberg, president of EPIC. The event also included two panels, the first of which focused on the problems with body scanners, and the second of which dealt with the political opportunities that exist to combat the widespread utilization of the scanners. The event included talks by experts on radiation, airport security, religious and constitutional ramifications of whole body imaging, and the international response to whole body imaging machines. EPIC Staff Counsel, Ginger McCall, discussed documents that EPIC recently received that reveal that the machines can store and transmit images. Katitiza Rodriguez, director of EPIC’s International Privacy Project, discussed the EU’s decision to postpone the use of these machines until a full privacy and health risk assessment can be completed. For more information see: EPIC: Whole Body Imaging.

On January 19, EPIC filed comments with the US Customs and Border Protection (CBP), urging the agency to “to revise its establishment of the Global Entry program and to reconsider the privacy and security implications of the program.” CBP proposed to make permanent the Global Entry program, under which pre-registered international travelers can bypass conventional security lines by scanning their passports and fingerprints at a kiosk, answering customs declaration questions, and then presenting a receipt to Customs officials. EPIC urged CBP to ensure that Global Entry complied with the Privacy Act and to conduct a separate Privacy Impact Assessment. Those measures are particularly pressing in light of recent problems, including data breaches and bankruptcy, experienced by “Clear,” a similar registered traveler program. In 2005, EPIC testified before Congress that the absence of Privacy Act safeguards for registered traveler programs would jeopardize air traveler privacy and security. For more information, see EPIC Global Entry, EPIC Air Travel Privacy, EPIC Biometric Identifiers, EPIC Automated Targeting System, and EPIC Whole Body Imaging.

Leading privacy law scholars Anita Allen and Jeffrey Rosen, acclaimed author and surveillance authority James Bamford, world renowned security technologist Bruce Schneier, and EPIC President Marc Rotenberg will be at the National Press Club, on Monday, January 25 at 8:30 a.m. for a panel discussion on "Body Scanners and Privacy." The event takes place as Congress is in the middle of hearings to determine whether to deploy full body imaging devices in US airports.

EU President Alfredo Perez Rubalcaba announced today that European countries would not rush to install body scanners as the United States has urged. He said that there will first be studies to determine whether the devices "are effective, do not harm health, and do not violate privacy." The European countries have agreed that they will adopt a unified position on the body scanner proposal. European Minister Viviane Reding stated that "Europe's need for security cannot justify an invasion of privacy. Our citizens are not objects: they are human beings." Previous post-9/11 disputes between the US and the EU have involved the transfer of Passenger Name Records and financial information. The European position in the current dispute is strengthened by the recent adoption of the Lisbon Treaty and the entry into force of the Charter of Fundmental Rights. EPIC has scheduled a press conference at the National Press Club on January 25 on "Body Scanners and Privacy.” For more information, see EPIC: Whole Body Imaging Technology.

EPIC has filed a second FOIA lawsuit, demanding the release of the full resolution images captured by airport "digital strip search" machines. EPIC's suit against the Department of Homeland Security also seeks records detailing air traveler complaints and security breaches that may have exposed data to unauthorized individuals. The TSA has called for mandatory use of the body scanners in all US airports. A prior EPIC lawsuit forced the disclosure of documents that reveal that TSA officials can disable privacy filters and export raw image files. For more information, see EPIC Whole Body Imaging Technology and EPIC Open Government.

In widely reported remarks, Viviane Reding, the Justice Minister for the 27-member European Union, has expressed opposition to the US proposal to deploy body scanners. Minister Reding told the European Parliament, "Our citizens are not objects. They are human beings." Ms. Reding also emphasized data protection and the Charter of Fundamental Rights, which establishes new rights for EU citizens, including a right to information privacy. Previous post-9/11 disputes between the US and the EU have involved the transfer of Passenger Name Records and financial information. For more information, see EPIC Passenger Profiling.

As a result of a Freedom of Information Act lawsuit, EPIC has obtained the TSA technical specifications and the vendor contracts for Whole Body Imaging devices, commonly called "body scanners." The documents reveal that TSA mandated that the devices have hard disk storage, USB access, and ethernet connectivity. The documents obtained by EPIC also detail a "Level Z" authority for TSA that allows the security agency to disable privacy filters and to export raw image files. The documents will be posted later today. EPIC is pursuing other information from the agency, including policy guidance. For more information, see EPIC's Whole Body Imaging page.

Today President Obama discussed the airplane attack on Christmas Day. The President pledged to investigate and address intelligence failures that allowed an Al Qaeda operative to board a plane with an explosive device. President Obama stated "this was not a failure to collect intelligence, it was a failure to integrate and understand the intelligence we already had." The President said that steps would be taken to improve watch lists. The President also recommended "smarter screening" at the nation's airports, but did not endorse an expansion of whole body imaging devices. For more information, see EPIC: Whole Body Imaging Technology, EPIC's Spotlight on Surveillance, and FB Group: Stop Airport Strip Searches.

On December 25, 2009, Umar Farouk Abdul Mutallab, a Nigerian citizen, attempted to detonate explosives hidden in his underwear during a Christmas Day flight. Abdul Metallab was en route from Amsterdam, Netherlands to Detroit, Michigan when he attempted to detonate the device, which resulted in a fire on board the aircraft. In the days following the attack, some advocated for wider implementation of whole body imaging machines. Privacy organizations and others have continued to object to these devices, citing the invasive nature of the scans, the ineffectiveness of the machines and the lack of government transparency concerning privacy safeguards. For more information see EPIC: Whole Body Imaging Technology.

On December 17, 2009, EPIC filed a lawsuit against the Department of Justice concerning the use of devices that capture images of individuals stripped naked. The Transportation Security Administration has confirmed the Whole Body Imaging machines are being used in at least one Virginia federal court by the US Marshal Service. EPIC submitted a FOIA request for information about these devices including the contracts with the manufacturer of the machines, and information about technical specifications and training materials. The Marshal Service failed to respond adequately to the request. EPIC filed suit, said that the agency had not performed a sufficient search and should disclose the documents requested. For more information, see EPIC's Open Government Page and Whole Body Imaging Page.

Today, the Department of Homeland Security proposed to make permanent Global Entry, a program the agency says will “streamline the international arrivals and admission process at airports for trusted travelers through biometric identification.” Under the proposed system, pre-registered international travelers can bypass conventional security lines by scanning their passports and fingerprints at a kiosk, answering customs declaration questions, and then presenting a receipt to Customs officials. The DHS announcement follows the recent news that Clear, a Registered Traveler program, had entered bankruptcy, raising questions about the possible sale of the biometric database that was created. In 2005, EPIC testified before Congress that the absence of Privacy Act safeguards for Registered Traveler programs would jeopardize air traveler privacy and security. The agency is taking comments on the proposal. For more information, see EPIC Air Travel Privacy, EPIC Biometric Identifiers, EPIC Automated Targeting System, and EPIC Whole Body Imaging.

EPIC filed a Freedom of Information Act lawsuit challenging the Department of Homeland Security's failure to make public details about the agency's Whole Body Imaging program. The devices capture detailed naked images of air travelers in the United States. After the agency announced that the body scanners would become the primary screening device in US airports, EPIC demanded that the agency disclose records that describe the scanners' capacity to save and transmit images. In June, EPIC sent a letter to the Secretary of Homeland Security Janet Napolitano urging her to suspend the digital strip searches. For more, see EPIC Backscatter X-ray, Whole Body Imaging and EPIC Air Travel Privacy.

The Department of Homeland Security released a Privacy Impact Assessment for searching electronic devices possessed by travelers, including US citizens, at US borders. The agency determined that laptops and cell phones are equivalent to briefcases and backpacks and granted itself broad authority to seize these devices from travelers and to copy stored data whether or not wrongdoing is suspected. The DHS policy fails to comply with the intent of the federal Privacy Act and leaves US citizens returning to the United States subject to surveillance by government and an enhanced risk of identity theft. See EPIC Traveler Privacy.

Leaders of the House Homeland Security Committee sent a letter to the Transportation Security Administration regarding the bankruptcy of Verified Identity Pass, the parent company for the Clear registered traveler (RT) program. Clear was the largest RT program in the nation operating out of 20 airports with about 165,000 members. The TSA established RT security, privacy and compliance standards for the Clear program and bolstered the company's credentials with the traveling public. The Clear RT application process collected a great deal of personal information from members, such as proof of legal name, data of birth, citizenship status, home address, place of birth, and gender. The information was used to pre-screen travelers for express service through airport security checkpoints. The committee is investigating among other things: when the TSA became aware of the bankruptcy; whether they have asked the company for its plan regarding its RT data; if the agency is seeking a privacy impact assessment on the bankruptcy; and whether the agency has a contingency plan for safeguarding the data now that the company has gone out of business. See EPIC Air Travel Privacy and EPIC Secure Flight

The Transportation Security Administration has replied to the Privacy Coalition statement on whole body imaging systems. The agency claims that the Privacy Impact Assessment (PIA) provides adequate protection. The Privacy Coalition letter pointed out that "the devices are designed to capture, record, and store detailed images of individuals undressed" and said that "If the public understood this, they would be outraged by the use of these devices by the US government on US citizens." The Privacy Coalition said that the use of the devices should be suspended pending an investigation. The letter was prompted by the TSA's announcement that Whole Body Imaging would replace metal detectors as the primary screening technique at US airports. The House of Representatives recently passed legislation that would establish clear privacy safeguards for the devices. See also EPIC's page on Whole Body Imaging.

Verified Identity Pass, a company that provided the Registered
Traveler program, under the brand name "Clear" shut down operation on June 22, 2009 citing inability to "negotiate an agreement with its senior creditor." The Clear program provided travelers who had undergone an extensive background check to go through special security lines at airports. The screening process
required extensive data collection, including biometric identifiers, from passengers. The closure raises concern about the transfer of the customer data, which may be attached by creditors in a bankruptcy proceeding. Clear's Privacy Policy is silent on the
issue. At a 2005 Congressional hearing, EPIC warned that the absence of Privacy Act safeguards would post a security risk to Clear customers. See also EPIC's page on Registered Traveler
Card.

Temporary Agreement Reached on Transfer of Passenger Data The United States and the European Union have established a temporary arrangement for the transfer of personal information on European travelers that will expire in July of 2007. An earlier agreement was annulled by the European Court of Justice. The new agreement gives the Europeans greater control over the disclosure of passenger data to the United States. However, it leaves unresolved whether the United States has adequate privacy protections to safeguard the private information of European consumers. For more information, see the EPIC pages on Air Travel Privacy and EU-US Airline Passenger Data Disclosure. (Oct. 6)

US, Europeans Fail to Reach Accord on Passenger Data The European Union and the United States are in a "legal vacuum" three months after the European Court of Justice struck down the passenger name record deal that allowed the transfer of personal information on European travelers to the U.S. government. European airlines face lawsuits by European citizens for violating European privacy laws if the information is disclosed to the U.S. without a new agreement. European consumer organizations have called for strong safeguards for personal data. Officials say negotiations will continue. More information at EPIC pages on Air Travel Privacy and EU-US Airline Passenger Data Disclosure. (Oct. 3).

European and US Consumer Groups Urge Privacy Safeguards for Air Travel Information. The Trans Atlantic Consumer Dialogue has written to Homeland Security Secretary Michael Chertoff and European Commissioner Franco Frattini recommending the establishment of legal protections for passenger information collected by the US government. The letter follows an earlier statement from TACD that identified numerous risks to consumers that would result from the disclosure of detailed personal information. The TACD letter responds to Secretary Chertoff's recent call for increased government snooping. EPIC has filed a Freedom of Information Act request with the Department of Homeland Security regarding the program and whether adequate privacy safeguards have been established. The European Court of Justice earlier held that there was no legal basis for the Homeland Security program. For more information, see EPIC's air travel privacy page. (Sept. 13)

Senate Subcommittee Holds hearings on Airline Passenger Screening. On September 7, the Senate Subcommittee on Terrorism, Technology, and Homeland Security will hold a hearing on pre-screening international travelers who are flying into the United States. A Homeland Security program that acquired European passenger name records for pre-screening was opposed for its privacy violations by the European Parliament, and struck down by the European Court of Justice earlier this year. Homeland Security Secretary Chertoff has announced plans not only to revive the program, but also to expand certain aspects of it. For more information, see EPIC's Passenger Data page. (Sept. 5)

DHS Seeks Expanded Access to Travelers' Data. The Department of Homeland Security recently proposed expanding a program that would transfer detailed airline passenger recordsbetween European airlines and the US government. In 2003, the Department secretly entered into an agreement with European governments to obtain personal information on European travelers to the United States. The European Parliament challenged the agreement and the European Court of Justice recently ruled that the agreement lacked a legal basis. Negotiators have until September 30 to come up with a program that complies with European privacy law. (Aug. 22)

Registered Traveler Hits Turbulence. The Transportation Security Administration says security concerns have delayed the controversial air passenger prescreening program Registered Traveler, which was to be rolled out beginning Tuesday. EPIC has testified previously (pdf) and submitted comments (pdf) about the flawed program, warning that problems with watch list errors have not been resolved, that there are no legal safeguards to prevent misuse, and that "mission creep" is almost certain. For more information, see EPIC's Spotlight on Surveillance and Passenger Profiling pages. (Jun. 22)

European Court Rejects Data Transfer to US. The European Court of Justice has just ruled that the 2004 airline passenger data transfer agreement (pdf) between the U.S. Department of Homeland Security and the European Union is to be voided after September 30, 2006. The Court held that the agreement was illegal because it exceeded the scope of the EU 1995 Directive on data protection, which excludes operations concerning public security, defense, state criminal law and state security. Since the framework for data transfer was dictated by public authorities, and amounted to processing operations concerning public security, the Court held that the Commission lacked legal competence under the Directive to address public and state security issues. Privacy International describes the holding as a "pyrrhic victory" because the Court ruled on the basis of legal authority, and did not address the privacy implications of the transfer of the personal data to the U.S. The European Data Protection Supervisor is concerned that the ruling has created a loophole because it is uncertain that the Directive protects data collected for commercial reasons but used for police matters. (May 30)

EPIC Urges Privacy Safeguards for Traveler Database. In comments (pdf) to Customs and Border Protection, EPIC opposed the agency's plan to exempt a vast database from legal requirements that protect privacy and promote government accountability. The Global Enrollment System would include employment history and biometric data. Among many possible activities, the agency will use this system to determine which travelers are "low-risk" and eligible for the "Trusted Traveler" program. EPIC warned that the absence of effective redress procedures would leave many travelers improperly designated as "high-risk." For more information, see EPIC's Passenger Profiling page. (May 22)

EPIC Joins Campaign Against Biometric Identification. Civil liberties organizations have sent a letter to the International Civil Aviation Organization (ICAO) regarding their plans to include biometric identifiers such as fingerprints and facial scans on all newly issued electronic passports. The letter, organized by Privacy International, warns this will lead to the first truly global database of biometric information. For more information, read the letter from the Campaign, see EPIC's biometrics page, and read a story by the BBC. (Mar. 30)

EPIC Suit Uncovers Watchlist Errors. EPIC has uncovered agency documents through the Freedom of Information Act that raise important questions about how the Transportation Security Administration currently operates the "No-Fly" watchlist. The concerns surrounding the agency's administration of the list previews several potential problems with the proposed roll out of CAPPS-II, the Enhanced Computer Assisted Passenger Pre-screening System. For more information, see EPIC's analysis of the FOIA documents. (Apr. 1)

Senators Want Answers on Air Profiling. The Senate Commerce Committee has unanimously agreed to an amendment (pdf) by Sen. Ron Wyden (D-OR) that would require the Transportation Security Administration to report to Congress on the privacy and civil liberties implications of the controversial CAPPS-II air passenger profiling system. See EPIC's Passenger Profiling page for more information. (Mar. 13)

EPIC Comments on Air Travel Database. EPIC submitted comments on a Transportation Security Administration (TSA) proposal [PDF] to create a new database of Aviation Security Screening Records on all airline passengers. EPIC argued that the proposed system did not provide sufficient information for the public to contribute meaningfully to this rule-making procedure, and that the proposed system would infringe on the Constitutional right of association and travel. See TSA Docket for more information and public comments. (Feb. 24)

EPIC Criticizes Gov't Rule on Citizen Travel. EPIC has filed comments [PDF] on the Immigration and Naturalization Service (INS)'s proposed rule to collect passenger manifest information on all international travelers, including American citizens and legal permanent residents. The comments argue that the proposed rule is legally deficient because the INS has not complied with the Privacy Act in creating this new "system of records." EPIC has asked the INS to reissue its notice and meet the requirements of the Privacy Act. The comments also note that, by collecting and sharing travel data about citizens, the INS is placing a burden on the right to travel and the rights of anonymous association. (Feb. 4, 2003)

EPIC Files Suit for "No-Fly List" Information. Seeking information about aviation security watchlists, EPIC has filed a lawsuit [PDF] against the Transportation Security Administration (TSA) in federal court in Washington. The legislation creating TSA authorizes the agency to maintain such lists, which reportedly have been used to interfere with the travel of political activists. (Dec. 12, 2002)

Previous Files

FAA Proposes Profiling Regulations. The Federal Aviation Administration published proposed regulations on April 19, 1999, governing "Security of Checked Baggage on Flights Within the United States." The draft rules detail the use of computer profiling techniques to identify suspicious passengers. Public comments can be filed until June 18, 1999.

Airline Passenger Profiling Goes Into Effect. The Computer Assisted Passenger Screening System is scheduled to be phased in nationwide beginning on January 1. Under the system, passengers who "fit the profile" will be selected for heightened security measures, which can include a thorough search of their luggage, intrusive personal questioning, tagging of luggage with orange tape, and a physical escort from the check-in counter to the airport gate by security personnel. The ACLU is providing an online complaint form for passengers targeted by the profiling system.

The Gore Commission has released its final report recommending passenger profiling. A coalition of 17 groups has sent a letter to Gore opposing ID checks, profiling, new x-ray technologies and excessive secrecy by the FAA in making decisions.